Confidential driver data was accessed by accident management firms

Monday, 8 August 2016

A new investigation by RMIF National Association of Bodyshops (NAB) has revealed that driver data - including both phone numbers and addresses - may have been accessed by third parties not involved in the repair of vehicles.

The bodyshop repair firm has spent several months investigating potentially serious leaks of confidential information by repairer management systems, with personal data being released to third-party legal firms and other accident management companies.

Jason Moseley, the executive director for NAB, said: “We have direct evidence that data entered into bodyshop systems has found its way, in a matter of hours, into the hands of third party organisations.

“We have been analysing, with our members, the terms and conditions of the various agreements in place with repairer management systems, whether they are entitled to do this and the nature, scope and validity of such activity.

“As part of an internal investigation, one of the bodyshops involved entered fictitious data into the system to attempt to draw out a reaction. Within a few hours of this data entry, a call was received from an accident management company trying to leverage a compensation claim.”

The NAB has already informed the legal authorities and begun to work with them behind the scenes in order to obtain more information on what could be one of the UK aftermarket industry’s most alarming cases.

Mr Moseley said: “We do not yet know if these actions are legitimate disclosures, the result of a cyber-attack or a physical breach of such systems, so we have taken no chances and launched an investigation.

“We will be pushing hard with our members to bring more transparency and collaborating with the necessary authorities. We must get to the truth.

“Addressing this particular issue forms part of our overall strategy to ensure that bodyshops, and consumers, are treated fairly.”